Apache Geronimo web administration console is vulnerable to directory traversal. The vulnerabilty is possible because it does not validate the input to the web administrative console, allowing a remote attacker to upload any file in any directory.
dsecrg.com/pages/vul/show.php?id=118
geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214
issues.apache.org/jira/browse/GERONIMO-4597
secunia.com/advisories/34715
www.securityfocus.com/archive/1/502733/100/0/threaded
www.securityfocus.com/bid/34562
www.vupen.com/english/advisories/2009/1089
exchange.xforce.ibmcloud.com/vulnerabilities/49898
exchange.xforce.ibmcloud.com/vulnerabilities/49899
exchange.xforce.ibmcloud.com/vulnerabilities/49900
issues.apache.org/jira/browse/GERONIMO-4597
www.exploit-db.com/exploits/8458